<?php

//--------------------------------------------------
//	Filename: profile_update_comment.php
//--------------------------------------------------
if( !defined('IN_INDEX') )
{
	posterror("ACCESS DENIED", "This page is hidden.");
	exit;
}
if(!checkSession())
{
			function redirect($url)
			{
			?>
				<script type="text/javascript">
					{
					window.location = "<?=$url?>";
					}
				</script>
			<?php 
			}
			redirect("index.php?action=login");
	exit;
}
if(isset($_POST['update_comment_submit']))
{
	
	$comment_text = htmlspecialchars($_POST['comment_text']);
	$commentid = $_POST['commentid'];
	$trainingid = $_POST['trainingid'];
	
	$sql = "UPDATE comments SET comment_text='". $comment_text ."', comment_date_update='" . time() . "' WHERE comment_id=". $commentid ."";
	if(!$result = $db->sql_query($sql))
	{
		printError("SQL ERROR", mysql_error($sql));
	}
	else
	{
		echo"<br /><br /><br /><br /><br /><br /><br /><br /><br />
					<center><meta http-equiv='refresh' content='0;url=index.php?action=profile&sub=show&tid=" . $trainingid . "' />";
		echo "<h1>" . ucfirst(translate('update_comment_successful')) . "</h1>";
		echo "<br/>" . translate('redirectedin') . " <a href='index.php?action=profile&sub=show&tid='" . $trainingid . "'>" . translate('clickhere') . "</a><div class='fixed'>
					</div>
				</div>
				</div>
			<div class='fixed'>
			</div>
			<div id='footer'>
			<a id='gotop' href='#' onclick='MGJS.goTop();return false;'>" . translate('top') . "</a>
				<div align='center' id='copyright'>&copy; " . translate('copyrightyear') . " " . translate('header_text'). " - " .  translate('curversion') ." - <a href='index.php?action=contact'>" . translate('contact') ."</a> - <a href='index.php?action=about'>" . translate('about') . "</a> - " . translate('onlineusers'). ": " . getActiveUsers() . "<br />
                </div></center>";
		exit;
			
	}	
}

$userid = $_REQUEST['userid'];
$commentid = $_REQUEST['commentuid'];
$trainingid = $_REQUEST['tid'];

$sql = "SELECT * FROM comments WHERE comment_id = ". $commentid ." ";
if(!$result = $db->sql_query($sql))
	{
		printError("SQL ERROR", mysql_error($sql));
	}
	else
	{
		if( $row = $db->sql_fetchrow($result) )
		{
		$row['comment_text'];	
		}
	}

?>
<center>
<div id="respond">
<form name="comment" method="post" action="index.php?action=profile&sub=update_comment">
	<table>
    <h2><?php echo translate('update_comment'); ?></h2>

			<td colspan="2">
				<textarea id="comment_text" name="comment_text" cols="115" rows="8"><?php echo $row['comment_text']; ?></textarea>
			</td>

        
        	<tr>
            <td align="right">
            <input style="font-weight:bold;" align="right" type="submit" name="update_comment_submit" value=" <?php echo ucf(translate('update')); ?> ">
			</td>
			<input type="hidden" name="commentid" value="<?php echo $commentid; ?>"  />
            <input type="hidden" name="trainingid" value="<?php echo $trainingid; ?>"  />
 		</tr>
	</table>
</form>
</div>
</center>